Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Dismissed
(max. allowed matches exceeded)
created 20 hours ago Activity log
  • Created & dismissed (max. allowed matches exceeded) suggestion
Improper authorization in the PAM SSH key and certificate retrieval …

Improper authorization in the PAM SSH key and certificate retrieval endpoints in Devolutions Server 2026.2.11, 2026.1.22 allows an authenticated low-privileged user to disclose the private key of an SSH key or certificate PAM credential via a direct object reference to the credential identifier.

Affected products

Server
  • <2026.2.12
  • <2026.1.23